In the overwhelming sea of information, access to timely, insightful and independent open-source intelligence (OSINT) analyses is crucial for maintaining the necessary situational awareness to stay on the top of emerging security threats. This blog covers trends and fads, tactics and strategies, intersecting with third-party research, speculations and real-time CYBERINT assessments, all packed with sarcastic attitude

Thursday, December 27, 2012

Dancho Danchev's Blog Most Popular Posts for 2012

The time has come to reflect on this year's most popular posts, and emphasize on the key points about what made them special.

Exposing the Market for Stolen Credit Cards Data - Although the post was originally published in 2011, it's the second most popular for 2012, proving that factually presenting the existence of a growing trend, inevitably reaches a wider audience.

Profiling a Vendor of Visa/Mastercard Plastics and Holograms - The main purpose of this post, was to shed more light into the increasing availability of "blank plastic" services, whose QA (Quality Assurance) processes sometimes outpace the OPSEC (Operational Security) efforts put in place by the targeted companies.

Pricing Scheme for a DDoS Extortion Attack - This post highlighted a bold, but obtained from "in the wild" DDoS extortion letter, indicating the degree of flexibility and professionalism applied by the cybercriminals behind it.

A Peek Inside the Vertex Net Loader - This post summarized the key features of the Vertex Net Loader, and emphasized on the systematic release of related DIY malware loaders/bots within the cybercrime ecosystem.

Dissecting the Ongoing Mass SQL Injection Attack - Regular readers of my personal blog are used to getting the latest threat intelligence regarding a particular widespread campaign, virtually in real-time. That was the main objective of this analysis, fortunately, successfully achieved.

Dissecting 'Operation Ababil' - an OSINT Analysis - Part Two - With 'Operation Ababil' still an open question to many of the major media outlets, the second part of the analysis discussed another tool used in the campaign, with the idea to raise more awareness on the tools and techniques used by the attackers behind the campaign.

Thank you all for being regular blog readers! The best is yet to come! See you all in 2013!